Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses

Re: When is it safe to move a file?

by BoredByPolitics (Scribe)
on Jan 14, 2001 at 23:34 UTC ( #51796=note: print w/replies, xml ) Need Help??

in reply to When is it safe to move a file?

Thanks guys - with the advice that's been offered, I can now implement a solution with is as safe as it can be, considering the interface.

As regards the design of the interface - I had a little input into it, however, the developer of the software which runs on the remote machine had 'done this sort of thing before', and also claimed that no crc/md5 checking needed to be done because 'in [his] experience, ftp is a totally safe transport medium' - ah well, perhaps we can fix the interface with v2 ...


Replies are listed 'Best First'.
Re: Re: When is it safe to move a file?
by Dragonfly (Priest) on Jan 15, 2001 at 00:13 UTC
    'in his experience, ftp is a totally safe transport medium'

    Which, of course, explains the existence of SSH and SCP.

    For all the recent concern I've seen around the Monastery regarding security, I'm suprised nobody has pointed out the inherent flaws in the concept of using FTP to transfer your files, your username, and your password in plain text across the internet.

    SCP, an encrypted drop-in replacement for FTP, is a great alternative, and there is even a Net::SCP module that should allow you to keep using your current scripts, even if they currently rely on Net::FTP.

    And for a secure (encrypted) remote shell prompt in Perl, you can't beat the Net::SSH module.

    I realize it's probably too late (or perhaps completely unfeasible ;-) to switch to these in the middle of your project, but maybe you or someone else who reads this can use these in future projects. Take a look at the secure alternatives to FTP and Telnet; now that the US encryption export laws have changed (and the RSA patents have expired) you can use them for free on almost any OS.

      By 'safe', he meant that the file would arrive at the destination without corruptions.

      Currently, because all the network connections are on a private WAN, security is considered an obstruction! This attitude drives me nuts, but my recommendations fall on deaf ears.

      However, I get the impression that someone higher up is organizing security audits (not just of the computer networks), so hopefully this attitude will fade away once the right incentives are in place (such as dismissals, etc ;-)


Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://51796]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (1)
As of 2022-01-28 05:48 GMT
Find Nodes?
    Voting Booth?
    In 2022, my preferred method to securely store passwords is:

    Results (73 votes). Check out past polls.